Ce diaporama a bien été signalé.
Nous utilisons votre profil LinkedIn et vos données d’activité pour vous proposer des publicités personnalisées et pertinentes. Vous pouvez changer vos préférences de publicités à tout moment.

Tackling Cyber Threats in Banking Digitization by KRYPTON Security - ArabNet Beirut X

94 vues

Publié le

This session is dedicated to topic of Cyber or Information Security. The intent is to familiarize the audience with the current context, required strategy to tackle the related topics and a potential approach.

Publié dans : Technologie
  • Soyez le premier à commenter

  • Soyez le premier à aimer ceci

Tackling Cyber Threats in Banking Digitization by KRYPTON Security - ArabNet Beirut X

  1. 1. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 Cyrus SALESSE, Co-Founder & CEO – KRYPTON Security Beirut | June 12 & 13, 2019 Tackling Cyber Threats in Banking Digitization
  2. 2. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 CONTEXT: DIGITIZATION TRENDS 2
  3. 3. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 AI and Machine Learning 3 Digitization Trends in Banking (on a scale of 1-7) Open Banking (Open API) Cloud Processing Chatbots and Voice Technology 5.68 5.66 4.97 5.10 Source: Innovation Retail Banking Report 2018
  4. 4. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 Mobile Primary Channels for Banking Services by 2020 (on a scale of 1-7) 4.58 4.67 4.93 5.95 6.56 Online Digital Assistance Social Media APPs Source: Innovation Retail Banking Report 2018 Mobile
  5. 5. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 THREAT LANDSCAPE 5
  6. 6. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 Customer Online Security and Fraud 6 Data Protection and Security represent the biggest challenges (40%) to Open Banking 19% Conforming to Data Protection and Privacy Regulation 21%
  7. 7. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 Data Fraud or Theft 7 Top Five Global Risks in 2018 in terms of Likelihood 4th Cyberattacks3rd Natural Disaster2nd Extreme Weather Events1st Failure in Climate Change Mitigations and Adaptation 5th Source: The Global Risks Report 2018
  8. 8. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 8 Cost of Responding in 2017 Year-on-year Increase 27%$14.8 B
  9. 9. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 REAL EXAMPLES 9
  10. 10. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 10 150 countries 300,000 Computers WannaCry Source: The Global Risks Report 2018
  11. 11. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 11 US$ 300 Million (per Quarter) NotPetya Shutdown of the Entire Country Ukraine Source: The Global Risks Report 2018
  12. 12. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 STATE OF INFOSEC: GLOBAL VS. ME 12
  13. 13. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 13 Global Cybersecurity Index: Middle-East Egypt | 4, 23Qatar | 3, 17 Oman | 2, 16KSA | 1, 13 UAE | 5, 33 Source: GCI Report 2018, ITU Publications
  14. 14. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 14 Global Cybersecurity Index: Middle-East Jordan | 8, 74 Syria | 15, 114 Iraq | 13, 107 Bahrain | 7, 68 Lebanon | 17, 124 Kuwait | 6, 67 Source: GCI Report 2018, ITU Publications
  15. 15. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 15 8 Key Insights into Global Cybersecurity Landscape in EMEA 1. Finance tops “most targeted sector” list 2. Supply Chain catching digital business off-guard 3. Ransomware is Criminals’ weapon of choice 4. Ransomware morphs to become destructive 5. Technology Sector targeted for IP 6. Manufacturing and Operational Technology in line of fire 7. The challenge of balance between compliance and cybersecurity 8. Improved user awareness drives incident response maturity
  16. 16. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 16 Top Types of Attacks in EMEA Ransomware Botnet Client Spyware/ Keyware 29% 11% 7% 26% 7% 1% 3% EMEA Global Source: NTT 2018 Global Threat Intelligence Report | Executive Guide (EMEA)
  17. 17. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 17 Attack Ratings by Industry in EMEA Business and Professional Services Finance Manufacturing Technology Government 20% 20% 18% 14% 9% Source: NTT 2018 Global Threat Intelligence Report | Executive Guide (EMEA)
  18. 18. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 1818 Experienced between 5,000 and 99,000 Incidents Last Year Experienced Downtime Of 3 Days or More Experienced Brand Reputational Damage 33% 13% 6% 56% 9% 16% Middle East Global13% 22% Experienced Losses of > 500K USD Top Impact of Attacks
  19. 19. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 SO WHAT? 19
  20. 20. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 20 Cybersecurity Issue Characteristics It’s Business not IT It’s Board- Level It’s End-to- End
  21. 21. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 Companies in the Middle East are in the: 21 Technology: Necessary, but not Enough! Investment in Cybersecurity Technology Top 10 Education and Training Bottom 50 Source: PwC
  22. 22. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 22 People: Still a Major Cause of Security Incidents! Lack of comprehensive Security and Awareness Training Programs ME vs. Global 37% vs. 57% Source: PwC
  23. 23. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 The Global State of Information Security® 23 Process: Who is doing What? (ME vs. Global) Identity Management 31% vs. 58% Threat Assessments 33% vs. 49% Vulnerability Assessments 36% vs. 48% Security Standards for External Business Partners 43% vs. 52% Active Monitoring and Analysis of Cybersecurity Information 30% vs. 48%
  24. 24. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 24 Management: Cybersecurity needs to be Managed at the Right Level, with the Right Level of Seniority Have a designated CISO or CSO responsible for security ME vs. Global 35% vs. 51% Source: PwC
  25. 25. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 25 Governance: Cybersecurity is no longer just an IT issue… Manage Cybersecurity issues and communications through a Cross-Functional Team ME vs. Global 38% vs. 49% Source: PwC
  26. 26. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 PRACTICAL APPROACH (TACKLING CYBER THREATS) 26
  27. 27. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 27 A Balanced Approach Openness ContainmentInfoSec Strategy
  28. 28. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 28 Preventive Measures Eliminate Unnecessary Data and Applications Ensure that Essential Controls are in Place Focus on Improved Detection and Faster Response Continuous Evaluation of the Threat Landscape
  29. 29. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 Strategy 29 Technology Process People Management Governance
  30. 30. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 30 Identify, Classify & Protect your “Crown Jewels”
  31. 31. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 31 Ensure that Policies & Procedures are in place and adhered to
  32. 32. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 32 Manage Vulnerabilities
  33. 33. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 33 Secure Configurations & ensure Privileged Access Management
  34. 34. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 34 Secure Applications
  35. 35. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 35 Monitor your Environment: Security Operation Center – SOC
  36. 36. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 36 Ensure an adapted and well-positioned InfoSec Organization
  37. 37. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 37 Invest in InfoSec Technical Skills
  38. 38. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 38 Increase Security Awareness
  39. 39. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 39 Information Security Management System (ISMS)  ISO27xxx
  40. 40. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 40 KRYPTON Information Security Framework KRYPTON On-going Protection KOP Crown Jewels Policies & Procedures InfoSec Organization Vulnerability Management Secure Configurations Secure Applications Security Operations Security Awareness InfoSec Skills ISMS
  41. 41. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 41 Implementation Building Blocks InfoSec Expertise Business Process [Re-] Engineering Project Management Business Readiness
  42. 42. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 42 Structural InfoSec Maturity Initial Repeatable Defined Managed Optimized
  43. 43. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 Q&A 43
  44. 44. ArabNet Beirut | Tackling Cyber Threats in Banking Digitization © Copyright 2013 to 2019 KRYPTON – All rights reserved 12 June 2019 Thank You 44

×